User guide
Chapter 1: Security Risks
Difficult-to-guess Password
Use a password that cannot be easily guessed by others or identified mechanically by some kind of tool.
A difficult-to-guess password should meet the following conditions:
• Cannot be guessed from personal information, e.g., name or birthday.
• Comprises the longest character string possible.
• Contains uppercase and lowercase letters, numbers, and symbols.
• Contains one complete word without modification.
• Is not a simple character string such as a repetition of the same character.
Password Management Method
The password must not be known to others. The following actions are very unwise:
• Disclosing the password to others.
• Leaving a note containing the password where others can see it.
• Storing the password in the Web browser.
Periodic Change of the Password
Even if the two items above are followed, the password may still be leaked. Change the password
periodically to ensure secure operation.
Note
Interstage Single Sign-on does not provide a password change function. Instruct users to change the
password at a frequency appropriate to the system being used.
If a password is guessed or stolen by others, stop all business servers and confirm whether the
re-authentication interval that was set with either of the following operations has passed:
• Re-authentication interval for each user, set in ssoCredentialTTL of user information in the SSO
repository.
• Standard re-authentication interval, configured in the Interstage Management Console, [Security] >
[Single Sign-on] > [Authentication infrastructure] > [Authentication server] > [Settings] tab >
[Detailed Settings [Show]] > [Operation after Authentication] > [Re-authentication Interval].
After the re-authentication interval has passed, change the guessed or stolen password and restart all
business servers.